Manifests.

Box Manifest Files. More...

Collaboration diagram for Manifests.:

Detailed Description

Box Manifest Files.

All boxes must include a manifest file located at /box/<box>/manifest using the below format.

Format

[meta]
description = <short description of the box>
version = <version string>
author = <author name>
license = <license>
 
[exec]
bin = <path to the main executable, specified in the boxes namespace>
priority = <scheduler priority [`PRIORITY_MIN`, `PRIORITY_MAX_USER`]>
 
[sandbox]
profile = <empty|inherit>
foreground = <true|false>
 
[env]
KEY = VALUE ; Environment variable key-value pairs.
...
 
[namespace]
<target> = <source> ; Flags should be specified with the target, the source is specified in the root namespace.

Sandbox Profiles

There are four possible sandbox profiles:

• empty: Start with an empty namespace, meaning the process will by default not have access to any files or devices.
• inherit: Inherit the caller's namespace. This is useful for system utilities like ls or grep that need to operate on the user's current environment.

Foreground Mode

If foreground is set to true, then the box will receive stdio from the creator, be in the same process-group as the creator and start with the same cwd as the creator. Finally, the creator will receive a key to the boxes /proc/[pid]/wait file to retrieve its exit status.

In short, in foreground mode the box will, as far as the creator is concerned, behave like a child process.

Macros

The following macros can be used in a manifest for substitution, a macro should be prefixed with $:

• BOX: The path to the box's directory in the root namespace, e.g. /box/<box>.

See also

Init for information on the root namespaces filesystem heirarchy.

Data Structures
struct	section_entry_t
struct	section_t
struct	manifest_t
struct	substitution_t

Macros
#define	MANIFEST_STRING_MAX   128
#define	MANIFEST_SECTION_MAX   64

Enumerations
enum	section_type_t {   SECTION_META , SECTION_EXEC , SECTION_SANDBOX , SECTION_ENV ,   SECTION_NAMESPACE , SECTION_TYPE_MAX }

Functions
uint64_t	manifest_parse (manifest_t *manifest, const char *path)
void	manifest_substitute (manifest_t *manifest, substitution_t *substitutions, uint64_t amount)
char *	manifest_get_value (section_t *section, const char *key)
uint64_t	manifest_get_integer (section_t *section, const char *key)

Macro Definition Documentation

MANIFEST_STRING_MAX

#define MANIFEST_STRING_MAX   128

Definition at line 64 of file manifest.h.

MANIFEST_SECTION_MAX

#define MANIFEST_SECTION_MAX   64

Definition at line 66 of file manifest.h.

Enumeration Type Documentation

section_type_t

enum section_type_t

Enumerator
SECTION_META
SECTION_EXEC
SECTION_SANDBOX
SECTION_ENV
SECTION_NAMESPACE
SECTION_TYPE_MAX

Definition at line 80 of file manifest.h.

Function Documentation

manifest_parse()

uint64_t manifest_parse	(	manifest_t *	manifest,
		const char *	path
	)

Definition at line 35 of file manifest.c.

Here is the call graph for this function:

Here is the caller graph for this function:

manifest_substitute()

void manifest_substitute	(	manifest_t *	manifest,
		substitution_t *	substitutions,
		uint64_t	amount
	)

Definition at line 124 of file manifest.c.

Here is the call graph for this function:

Here is the caller graph for this function:

manifest_get_value()

char * manifest_get_value	(	section_t *	section,
		const char *	key
	)

Definition at line 168 of file manifest.c.

Here is the call graph for this function:

Here is the caller graph for this function:

manifest_get_integer()

uint64_t manifest_get_integer	(	section_t *	section,
		const char *	key
	)

Definition at line 180 of file manifest.c.

Here is the call graph for this function:

Here is the caller graph for this function: